Hysteria 2 vs VLESS Reality

Hysteria 2 is faster on unstable networks and mobile. VLESS Reality is stealthier and works where UDP is blocked. Both live in the same Lunaire subscription, the client auto-switches between them.

The main difference is transport. Hysteria 2 runs strictly over UDP (QUIC stack). VLESS Reality runs over TCP/443. That affects firewall availability, handshake speed, and loss behavior.

UDP is a datagram protocol with no delivery guarantees. QUIC layers its own reliable-delivery logic on top, doing it more efficiently than classic TCP: 0-RTT handshake, stream multiplexing, more flexible CC.

TCP guarantees ordered delivery at the OS level. Reality uses the standard Linux/macOS TCP stack plus a TLS 1.3 handshake disguised as a connection to an external domain.

Hysteria 2 uses Brutal, taking an explicit target bandwidth from the user (e.g., "50 Mbps") and trying to hold it, ignoring packet loss as a signal. Rising RTT is the only trigger to slow down. 2-3× more throughput on lossy networks.

VLESS Reality runs over TCP — so it uses BBR / Cubic. Lunaire nodes run BBR v3 — solid on stable networks, but degrades at 5%+ loss.

Reality wins by a wide margin. A Reality TLS handshake is indistinguishable from a real domain handshake: external-site cert, matching SNI, standard TLS version & ciphersuite. Even JA3/JA4 systems see regular HTTPS.

Hysteria 2 is also stealthy, but less absolutely. It looks like QUIC and uses real TLS 1.3, but QUIC as a category gets flagged more often than plain HTTPS.

QUIC supports 0-RTT resumption — reconnecting happens with zero RTT, data ships alongside the handshake. Useful on mobile where connections break often.

Pitting Hysteria 2 against VLESS Reality is a false dilemma. They target different problems, not each other. Run them in parallel and auto-switch — that's exactly how Lunaire's stack is built.